From 779664d79f0dca77dbdd66b753679bfd12dcbbad Mon Sep 17 00:00:00 2001

From: Chris Liddell <chris.liddell@artifex.com>

Date: Mon, 26 Nov 2018 18:01:25 +0000

Subject: [PATCH 1/4] Have gs_cet.ps run from gs_init.ps

Previously gs_cet.ps was run on the command line, to set up the interpreter

state so our output more closely matches the example output for the QL CET

tests.

Allow a -dCETMODE command line switch, which will cause gs_init.ps to run the

file directly.

This works better for gpdl as it means the changes are made in the intial

interpreter state, rather than after initialisation is complete.

This also means adding a definition of the default procedure for black

generation and under color removal (rather it being defined in-line in

.setdefaultbgucr

Also, add a check so gs_cet.ps only runs once - if we try to run it a second

time, we'll just skip over the file, flushing through to the end.

---

 Resource/Init/gs_cet.ps  | 11 ++++++++++-

 Resource/Init/gs_init.ps | 13 ++++++++++++-

 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/Resource/Init/gs_cet.ps b/Resource/Init/gs_cet.ps

index d3e1686..75534bb 100644

--- a/Resource/Init/gs_cet.ps

+++ b/Resource/Init/gs_cet.ps

@@ -1,6 +1,11 @@

 %!PS

 % Set defaults for Ghostscript to match Adobe CPSI behaviour for CET

+systemdict /product get (PhotoPRINT SE 5.0v2) readonly eq

+{

+  (%END GS_CET) .skipeof

+} if

+

 % do this in the server level so it is persistent across jobs

 //true 0 startjob not {

   (*** Warning: CET startup is not in server default) = flush

@@ -25,7 +30,9 @@ currentglobal //true setglobal

 /UNROLLFORMS true def

-{ } bind dup

+(%.defaultbgrucrproc) cvn { } bind def

+

+(%.defaultbgrucrproc) cvn load dup

 setblackgeneration

 setundercolorremoval

 0 array cvx readonly dup dup dup setcolortransfer

@@ -109,3 +116,5 @@ userdict /.smoothness currentsmoothness put

 % end of slightly nasty hack to give consistent cluster results

 //false 0 startjob pop		% re-enter encapsulated mode

+

+%END GS_CET

diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps

index a2503f1..9a1f2b2 100644

--- a/Resource/Init/gs_init.ps

+++ b/Resource/Init/gs_init.ps

@@ -1534,10 +1534,18 @@ setpacking

   % any-part-of-pixel rule.

   0.5 .setfilladjust

 } bind def

+

 % Set the default screen and BG/UCR.

+% We define the proc here, rather than inline in .setdefaultbgucr

+% for the benefit of gs_cet.ps so jobs that do anything that causes

+% .setdefaultbgucr to be called will still get the redefined proc

+% in gs_cet.ps

+(%.defaultbgrucrproc) cvn { pop 0 } def

+

 /.setdefaultbgucr {

   systemdict /setblackgeneration known {

-    { pop 0 } dup setblackgeneration setundercolorremoval

+    (%.defaultbgrucrproc) cvn load dup

+    setblackgeneration setundercolorremoval

   } if

 } bind def

 /.useloresscreen {	% - .useloresscreen <bool>

@@ -2506,4 +2514,7 @@ WRITESYSTEMDICT {

 % be 'true' in some cases.

 userdict /AGM_preserve_spots //false put

+systemdict /CETMODE .knownget

+{ { (gs_cet.ps) runlibfile } if } if

+

 % The interpreter will run the initial procedure (start).

-- 

2.20.1

From e8acf6d1aa1fc92f453175509bfdad6f2b12dc73 Mon Sep 17 00:00:00 2001

From: Nancy Durgin <nancy.durgin@artifex.com>

Date: Thu, 14 Feb 2019 10:09:00 -0800

Subject: [PATCH 2/4] Undef /odef in gs_init.ps

Made a new temporary utility function in gs_cet.ps (.odef) to use instead

of /odef.  This makes it fine to undef odef with all the other operators in

gs_init.ps

This punts the bigger question of what to do with .makeoperator, but it

doesn't make the situation any worse than it already was.

---

 Resource/Init/gs_cet.ps  | 10 ++++++++--

 Resource/Init/gs_init.ps |  1 +

 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/Resource/Init/gs_cet.ps b/Resource/Init/gs_cet.ps

index 75534bb..dbc5c4e 100644

--- a/Resource/Init/gs_cet.ps

+++ b/Resource/Init/gs_cet.ps

@@ -1,6 +1,10 @@

 %!PS

 % Set defaults for Ghostscript to match Adobe CPSI behaviour for CET

+/.odef {		% <name> <proc> odef -

+  1 index exch .makeoperator def

+} bind def

+

 systemdict /product get (PhotoPRINT SE 5.0v2) readonly eq

 {

   (%END GS_CET) .skipeof

@@ -93,8 +97,8 @@ userdict /.smoothness currentsmoothness put

    } {

      /setsmoothness .systemvar /typecheck signalerror

    } ifelse

-} bind odef

-/currentsmoothness { userdict /.smoothness get } bind odef % for 09-55.PS, 09-57.PS .

+} bind //.odef exec

+/currentsmoothness { userdict /.smoothness get } bind //.odef exec % for 09-55.PS, 09-57.PS .

 % slightly nasty hack to give consistent cluster results

 /ofnfa systemdict /filenameforall get def

@@ -113,6 +117,8 @@ userdict /.smoothness currentsmoothness put

   } ifelse

   ofnfa

 } bind def

+

+currentdict /.odef undef

 % end of slightly nasty hack to give consistent cluster results

 //false 0 startjob pop		% re-enter encapsulated mode

diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps

index 9a1f2b2..e5678b9 100644

--- a/Resource/Init/gs_init.ps

+++ b/Resource/Init/gs_init.ps

@@ -2253,6 +2253,7 @@ SAFER { .setsafeglobal } if

   /.systemvmSFD /.settrapparams /.currentsystemparams /.currentuserparams /.getsystemparam /.getuserparam /.setsystemparams /.setuserparams

   /.checkpassword /.locale_to_utf8 /.currentglobal /.gcheck /.imagepath /.currentoutputdevice

   /.type /.writecvs /.setSMask /.currentSMask /.needinput /.countexecstack /.execstack /.applypolicies

+  /odef

   % Used by a free user in the Library of Congress. Apparently this is used to

   % draw a partial page, which is then filled in by the results of a barcode

-- 

2.20.1

From 205591753126802da850ada6511a0ff8411aa287 Mon Sep 17 00:00:00 2001

From: Ray Johnston <ray.johnston@artifex.com>

Date: Thu, 14 Feb 2019 10:20:03 -0800

Subject: [PATCH 3/4] Fix bug 700585: Restrict superexec and remove it from

 internals and gs_cet.ps

Also while changing things, restructure the CETMODE so that it will

work with -dSAFER. The gs_cet.ps is now run when we are still at save

level 0 with systemdict writeable. Allows us to undefine .makeoperator

and .setCPSImode internal operators after CETMODE is handled.

Change previous uses of superexec to using .forceput (with the usual

.bind executeonly to hide it).

---

 Resource/Init/gs_cet.ps   | 39 ++++++++++++++-------------------------

 Resource/Init/gs_dps1.ps  |  2 +-

 Resource/Init/gs_fonts.ps |  8 ++++----

 Resource/Init/gs_init.ps  | 38 +++++++++++++++++++++++++++-----------

 Resource/Init/gs_ttf.ps   |  6 +++---

 Resource/Init/gs_type1.ps |  6 +++---

 6 files changed, 52 insertions(+), 47 deletions(-)

diff --git a/Resource/Init/gs_cet.ps b/Resource/Init/gs_cet.ps

index dbc5c4e..58da404 100644

--- a/Resource/Init/gs_cet.ps

+++ b/Resource/Init/gs_cet.ps

@@ -1,37 +1,28 @@

-%!PS

 % Set defaults for Ghostscript to match Adobe CPSI behaviour for CET

-/.odef {		% <name> <proc> odef -

-  1 index exch .makeoperator def

-} bind def

-

+% skip if we've already run this -- based on fake "product"

 systemdict /product get (PhotoPRINT SE 5.0v2) readonly eq

 {

   (%END GS_CET) .skipeof

 } if

-% do this in the server level so it is persistent across jobs

-//true 0 startjob not {

-  (*** Warning: CET startup is not in server default) = flush

-} if

+% Note: this must be run at save level 0 and when systemdict is writeable

+currentglobal //true setglobal

+systemdict dup dup dup

+/version (3017.102) readonly .forceput         % match CPSI 3017.102

+/product (PhotoPRINT SE 5.0v2) readonly .forceput      % match CPSI 3017.102

+/revision 0 put                        % match CPSI 3017.103 Tek shows revision 5

+/serialnumber dup {233640} readonly .makeoperator .forceput % match CPSI 3017.102 Tek shows serialnumber 1401788461

+

+systemdict /.odef {           % <name> <proc> odef -

+  1 index exch //.makeoperator def

+} .bind .forceput          % this will be undefined at the end

 300 .sethiresscreen	% needed for language switch build since it

                         % processes gs_init.ps BEFORE setting the resolution

 0 array 0 setdash % CET 09-08 wants local setdash

-currentglobal //true setglobal

-

-{

-  systemdict dup dup dup

-  /version (3017.102) readonly put		% match CPSI 3017.102

-  /product (PhotoPRINT SE 5.0v2) readonly put	% match CPSI 3017.102

-  /revision 0 put			% match CPSI 3017.103 Tek shows revision 5

-  /serialnumber dup {233640} readonly .makeoperator put % match CPSI 3017.102 Tek shows serialnumber 1401788461

-  systemdict /deviceinfo undef                  % for CET 20-23-1

-%  /UNROLLFORMS true put                 % CET files do unreasonable things inside forms

-} 1183615869 internaldict /superexec get exec

-

 /UNROLLFORMS true def

 (%.defaultbgrucrproc) cvn { } bind def

@@ -118,9 +109,7 @@ userdict /.smoothness currentsmoothness put

   ofnfa

 } bind def

-currentdict /.odef undef

-% end of slightly nasty hack to give consistent cluster results

-

-//false 0 startjob pop		% re-enter encapsulated mode

+systemdict /.odef .undef

+% end of slightly nasty hack to give consistent cluster results

 %END GS_CET

diff --git a/Resource/Init/gs_dps1.ps b/Resource/Init/gs_dps1.ps

index b75ea14..01475ac 100644

--- a/Resource/Init/gs_dps1.ps

+++ b/Resource/Init/gs_dps1.ps

@@ -85,7 +85,7 @@ level2dict begin

                 % definition, copy it into the local directory.

       //systemdict /SharedFontDirectory .knownget

        { 1 index .knownget

-          { //.FontDirectory 2 index 3 -1 roll { put } systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse } % readonly

+          { //.FontDirectory 2 index 3 -1 roll .forceput } % readonly

          if

        }

       if

diff --git a/Resource/Init/gs_fonts.ps b/Resource/Init/gs_fonts.ps

index 01eca35..ab062e1 100644

--- a/Resource/Init/gs_fonts.ps

+++ b/Resource/Init/gs_fonts.ps

@@ -512,11 +512,11 @@ buildfontdict 3 /.buildfont3 cvx put

                 % the font in LocalFontDirectory.

    .currentglobal

     { //systemdict /LocalFontDirectory .knownget

-       { 2 index 2 index { .growput } systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse }	% readonly

+       { 2 index 2 index .forceput }	% readonly

       if

     }

    if

-   dup //.FontDirectory 4 -2 roll { .growput } systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse	% readonly

+   dup //.FontDirectory 4 -2 roll .forceput % readonly

                 % If the font originated as a resource, register it.

    currentfile .currentresourcefile eq { dup .registerfont } if

    readonly

@@ -1178,13 +1178,13 @@ currentdict /.putgstringcopy .forceundef

           //.FontDirectory 1 index known not {

             2 dict dup /FontName 3 index put

             dup /FontType 1 put

-            //.FontDirectory 3 1 roll { put } systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse   % readonly

+            //.FontDirectory 3 1 roll //.forceput exec % readonly

           } {

             pop

           } ifelse

         } forall

       } forall

-    }

+    } executeonly	% hide .forceput

 FAKEFONTS { exch } if pop def   % don't bind, .current/setglobal get redefined

 % Install initial fonts from Fontmap.

diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps

index e5678b9..a054222 100644

--- a/Resource/Init/gs_init.ps

+++ b/Resource/Init/gs_init.ps

@@ -2184,9 +2184,6 @@ SAFER { .setsafeglobal } if

   /.endtransparencygroup     % transparency-example.ps

   /.setdotlength             % Bug687720.ps

   /.sort /.setdebug /.mementolistnewblocks /getenv

-

-  /.makeoperator /.setCPSImode              % gs_cet.ps, this won't work on cluster with -dSAFER

-

   /unread

   ]

   {systemdict exch .forceundef} forall

@@ -2266,7 +2263,6 @@ SAFER { .setsafeglobal } if

   % Used by our own test suite files

   %/.fileposition %image-qa.ps

-  %/.makeoperator /.setCPSImode % gs_cet.ps

   % Either our code uses these in ways which mean they can't be undefined, or they are used directly by

   % test files/utilities, or engineers expressed a desire to keep them visible.

@@ -2471,6 +2467,16 @@ end

 /vmreclaim where

  { pop NOGC not { 2 .vmreclaim 0 vmreclaim } if

  } if

+

+% Do this before systemdict is locked (see below for additional CETMODE setup using gs_cet.ps)

+systemdict /CETMODE .knownget {

+  {

+    (gs_cet.ps) runlibfile

+  } if

+} if

+systemdict /.makeoperator .undef	% must be after gs_cet.ps

+systemdict /.setCPSImode .undef		% must be after gs_cet.ps

+

 DELAYBIND not {

   systemdict /.bindnow .undef       % We only need this for DELAYBIND

   systemdict /.forcecopynew .undef	% remove temptation

@@ -2479,16 +2485,29 @@ DELAYBIND not {

   systemdict /.forceundef .undef	% ditto

 } if

-% Move superexec to internaldict if superexec is defined.

-systemdict /superexec .knownget {

-  1183615869 internaldict /superexec 3 -1 roll put

-  systemdict /superexec .undef

+% Move superexec to internaldict if superexec is defined. (Level 2 or later)

+systemdict /superexec known {

+  % restrict superexec to single known use by PScript5.dll

+  % We could do this only for SAFER mode, but internaldict and superexec are

+  % not very well documented, and we don't want them to be used.

+  1183615869 internaldict /superexec {

+    2 index /Private eq                % first check for typical use in PScript5.dll

+    1 index length 1 eq and    % expected usage is: dict /Private <value> {put} superexec

+    1 index 0 get systemdict /put get eq and

+    {

+      //superexec exec         % the only usage we allow

+    } {

+      /superexec load /invalidaccess signalerror

+    } ifelse

+  } bind cvx executeonly put

+  systemdict /superexec .undef % get rid of the dangerous (unrestricted) operator

 } if

 %% Can't remove this one until the last minute :-)

 DELAYBIND not {

 systemdict /.undef .undef

 } if

+

 WRITESYSTEMDICT {

    SAFER {

        (\n *** WARNING - you have selected SAFER, indicating you want Ghostscript\n) print

@@ -2515,7 +2534,4 @@ WRITESYSTEMDICT {

 % be 'true' in some cases.

 userdict /AGM_preserve_spots //false put

-systemdict /CETMODE .knownget

-{ { (gs_cet.ps) runlibfile } if } if

-

 % The interpreter will run the initial procedure (start).

diff --git a/Resource/Init/gs_ttf.ps b/Resource/Init/gs_ttf.ps

index 05943c5..996d1e2 100644

--- a/Resource/Init/gs_ttf.ps

+++ b/Resource/Init/gs_ttf.ps

@@ -1421,7 +1421,7 @@ mark

           TTFDEBUG { (\n1 setting alias: ) print dup ==only

                 ( to be the same as  ) print 2 index //== exec } if

-          7 index 2 index 3 -1 roll exch //.growput systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse

+          7 index 2 index 3 -1 roll exch .forceput

         } forall

         pop pop pop

       }

@@ -1439,7 +1439,7 @@ mark

           exch pop

           TTFDEBUG { (\n2 setting alias: ) print 1 index ==only

                      ( to use glyph index: ) print dup //== exec } if

-          5 index 3 1 roll //.growput systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse

+          5 index 3 1 roll .forceput

           //false

         }

         {

@@ -1456,7 +1456,7 @@ mark

         {                            %  CharStrings(dict) isunicode(boolean) cmap(dict) RAGL(dict) gname(name) codep(integer) gindex(integer)

           TTFDEBUG { (\3 nsetting alias: ) print 1 index ==only

                 ( to be index: ) print dup //== exec } if

-          exch pop 5 index 3 1 roll //.growput systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse

+          exch pop 5 index 3 1 roll .forceput

         }

         {

           pop pop

@@ -1486,7 +1486,7 @@ mark

       } ifelse

     ]

   TTFDEBUG { (Encoding: ) print dup === flush } if

-} bind def

+} .bind executeonly odef               % hides .forceput

 % to be removed 9.09......

 currentdict /postalias undef

diff --git a/Resource/Init/gs_type1.ps b/Resource/Init/gs_type1.ps

index 2935d9c..1f38dd7 100644

--- a/Resource/Init/gs_type1.ps

+++ b/Resource/Init/gs_type1.ps

@@ -116,7 +116,7 @@

                  {                                               % scratch(string) RAGL(dict) AGL(dict) CharStrings(dict) cstring gname aglname

                    CFFDEBUG { (\nsetting alias: ) print dup ==only

                          ( to be the same as glyph: ) print 1 index //== exec } if

-                   3 index exch 3 index //.growput systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse

+                   3 index exch 3 index .forceput

                                                                  % scratch(string) RAGL(dict) AGL(dict) CharStrings(dict) cstring gname

                  }

                  {pop} ifelse

@@ -135,7 +135,7 @@

          3 1 roll pop pop

      } if

      pop

-     dup /.AGLprocessed~GS //true //.growput systemdict /superexec known {//superexec}{1183615869 internaldict /superexec get exec} ifelse

+     dup /.AGLprocessed~GS //true .forceput

    } if

    %% We need to excute the C .buildfont1 in a stopped context so that, if there

@@ -148,7 +148,7 @@

    {//.buildfont1} stopped

    4 3 roll .setglobal

    {//.buildfont1 $error /errorname get signalerror} if

- } bind def

+ } .bind executeonly def	% hide .forceput

 % If the diskfont feature isn't included, define a dummy .loadfontdict.

 /.loadfontdict where

-- 

2.20.1

From d683d1e6450d74619e6277efeebfc222d9a5cb91 Mon Sep 17 00:00:00 2001

From: Ray Johnston <ray.johnston@artifex.com>

Date: Sun, 24 Feb 2019 22:01:04 -0800

Subject: [PATCH 4/4] Bug 700585: Obliterate "superexec". We don't need it, nor

 do any known apps.

We were under the impression that the Windows driver 'PScript5.dll' used

superexec, but after testing with our extensive suite of PostScript file,

and analysis of the PScript5 "Adobe CoolType ProcSet, it does not appear

that this operator is needed anymore. Get rid of superexec and all of the

references to it, since it is a potential security hole.

---

 Resource/Init/gs_init.ps | 18 ------------------

 psi/icontext.c           |  1 -

 psi/icstate.h            |  1 -

 psi/zcontrol.c           | 30 ------------------------------

 psi/zdict.c              |  6 ++----

 psi/zgeneric.c           |  3 +--

 6 files changed, 3 insertions(+), 56 deletions(-)

diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps

index a054222..ca20f12 100644

--- a/Resource/Init/gs_init.ps

+++ b/Resource/Init/gs_init.ps

@@ -2485,24 +2485,6 @@ DELAYBIND not {

   systemdict /.forceundef .undef	% ditto

 } if

-% Move superexec to internaldict if superexec is defined. (Level 2 or later)

-systemdict /superexec known {

-  % restrict superexec to single known use by PScript5.dll

-  % We could do this only for SAFER mode, but internaldict and superexec are

-  % not very well documented, and we don't want them to be used.

-  1183615869 internaldict /superexec {

-    2 index /Private eq                % first check for typical use in PScript5.dll

-    1 index length 1 eq and    % expected usage is: dict /Private <value> {put} superexec

-    1 index 0 get systemdict /put get eq and

-    {

-      //superexec exec         % the only usage we allow

-    } {

-      /superexec load /invalidaccess signalerror

-    } ifelse

-  } bind cvx executeonly put

-  systemdict /superexec .undef % get rid of the dangerous (unrestricted) operator

-} if

-

 %% Can't remove this one until the last minute :-)

 DELAYBIND not {

 systemdict /.undef .undef

diff --git a/psi/icontext.c b/psi/icontext.c

index 1fbe486..7462ea3 100644

--- a/psi/icontext.c

+++ b/psi/icontext.c

@@ -151,7 +151,6 @@ context_state_alloc(gs_context_state_t ** ppcst,

     pcst->rand_state = rand_state_initial;

     pcst->usertime_total = 0;

     pcst->keep_usertime = false;

-    pcst->in_superexec = 0;

     pcst->plugin_list = 0;

     make_t(&pcst->error_object, t__invalid);

     {	/*

diff --git a/psi/icstate.h b/psi/icstate.h

index 4c6a14d..1009d85 100644

--- a/psi/icstate.h

+++ b/psi/icstate.h

@@ -54,7 +54,6 @@ struct gs_context_state_s {

     long usertime_total;	/* total accumulated usertime, */

                                 /* not counting current time if running */

     bool keep_usertime;		/* true if context ever executed usertime */

-    int in_superexec;		/* # of levels of superexec */

     /* View clipping is handled in the graphics state. */

     ref error_object;		/* t__invalid or error object from operator */

     ref userparams;		/* t_dictionary */

diff --git a/psi/zcontrol.c b/psi/zcontrol.c

index 0362cf4..dc813e8 100644

--- a/psi/zcontrol.c

+++ b/psi/zcontrol.c

@@ -158,34 +158,6 @@ zexecn(i_ctx_t *i_ctx_p)

     return o_push_estack;

 }

-/* <obj> superexec - */

-static int end_superexec(i_ctx_t *);

-static int

-zsuperexec(i_ctx_t *i_ctx_p)

-{

-    os_ptr op = osp;

-    es_ptr ep;

-

-    check_op(1);

-    if (!r_has_attr(op, a_executable))

-        return 0;		/* literal object just gets pushed back */

-    check_estack(2);

-    ep = esp += 3;

-    make_mark_estack(ep - 2, es_other, end_superexec); /* error case */

-    make_op_estack(ep - 1,  end_superexec); /* normal case */

-    ref_assign(ep, op);

-    esfile_check_cache();

-    pop(1);

-    i_ctx_p->in_superexec++;

-    return o_push_estack;

-}

-static int

-end_superexec(i_ctx_t *i_ctx_p)

-{

-    i_ctx_p->in_superexec--;

-    return 0;

-}

-

 /* <array> <executable> .runandhide <obj>				*/

 /* 	before executing  <executable>, <array> is been removed from	*/

 /*	the operand stack and placed on the execstack with attributes	*/

@@ -971,8 +943,6 @@ const op_def zcontrol3_op_defs[] = {

     {"0%loop_continue", loop_continue},

     {"0%repeat_continue", repeat_continue},

     {"0%stopped_push", stopped_push},

-    {"1superexec", zsuperexec},

-    {"0%end_superexec", end_superexec},

     {"2.runandhide", zrunandhide},

     {"0%end_runandhide", end_runandhide},

     op_def_end(0)

diff --git a/psi/zdict.c b/psi/zdict.c

index b0deaaa..e2e525d 100644

--- a/psi/zdict.c

+++ b/psi/zdict.c

@@ -212,8 +212,7 @@ zundef(i_ctx_t *i_ctx_p)

     int code;

     check_type(*op1, t_dictionary);

-    if (i_ctx_p->in_superexec == 0)

-        check_dict_write(*op1);

+    check_dict_write(*op1);

     code = idict_undef(op1, op);

     if (code < 0 && code != gs_error_undefined) /* ignore undefined error */

         return code;

@@ -504,8 +503,7 @@ zsetmaxlength(i_ctx_t *i_ctx_p)

     int code;

     check_type(*op1, t_dictionary);

-    if (i_ctx_p->in_superexec == 0)

-        check_dict_write(*op1);

+    check_dict_write(*op1);

     check_type(*op, t_integer);

     if (op->value.intval < 0)

         return_error(gs_error_rangecheck);

diff --git a/psi/zgeneric.c b/psi/zgeneric.c

index 8048e28..d4edddb 100644

--- a/psi/zgeneric.c

+++ b/psi/zgeneric.c

@@ -204,8 +204,7 @@ zput(i_ctx_t *i_ctx_p)

     switch (r_type(op2)) {

         case t_dictionary:

-            if (i_ctx_p->in_superexec == 0)

-                check_dict_write(*op2);

+            check_dict_write(*op2);

             {

                 int code = idict_put(op2, op1, op);

-- 

2.20.1